Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'84 
b'linkks'75 
b'jobert'70 
b'nyymi'64 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'concrete5' disclosed a bug submitted by b'bl4de' 
b"Stored XSS in Private Messages 'Reply' allows to execute malicious JavaScript against any user while replying to the message which contains payload"
17 Aug 2017 timeline
b'Mapbox' disclosed a bug submitted by b'sahilsaif' 
b'Stored xss in editor '
17 Aug 2017 timeline
b'YouPorn' disclosed a bug submitted by b'nahamsec' 
b'IDOR - Access to private video thumbnails even if video requires password authentication'
17 Aug 2017 timeline
b'Harvest' disclosed a bug submitted by b'vijay_kumar1110' 
b'Project Manager can approve pending reports(Access control Issue)'
17 Aug 2017 timeline
b'Udemy' disclosed a bug submitted by b'kaushalag29' 
b'Violation of secure design principle'
17 Aug 2017 timeline
b'Open-Xchange' disclosed a bug submitted by b'vijay_kumar1110' 
b'Resend invitation to members by Read only user(Privilege Escalation)'
17 Aug 2017 timeline
b'Open-Xchange' disclosed a bug submitted by b'vijay_kumar1110' 
b'Unauthorized access to attachments details of Private Calendar appointments (Access control issue)'
17 Aug 2017 timeline
b'Open-Xchange' disclosed a bug submitted by b'vijay_kumar1110' 
b'Critical : View/Edit access to private appointments of calendar folder by read only user (Vertical privilege escalation)'
17 Aug 2017 timeline
b'Udemy' disclosed a bug submitted by b'hi_man' 
b'CSRF Token'
17 Aug 2017 timeline
b'Grabtaxi Holdings Pte Ltd' disclosed a bug submitted by b'netfuzzer' 
b'Dom based xss affecting all pages from https://www.grab.com/.'
17 Aug 2017 timeline
b'Unikrn' disclosed a bug submitted by b'yaworsk' 
b'Urgent: Server side template injection via Smarty template allows for RCE'
17 Aug 2017 timeline
b'Weblate' disclosed a bug submitted by b'ashish_r_padelkar' 
b'Csrf in watch-unwatch projects'
17 Aug 2017 timeline
b'Weblate' disclosed a bug submitted by b'blake12356' 
b'Error Message When Changing Username'
17 Aug 2017 timeline
b'Zomato' disclosed a bug submitted by b'gerben_javado' 
b'[api.zomato.com] Login to any account with the emailaddress'
17 Aug 2017 timeline
b'Moneybird' disclosed a bug submitted by b'azizs3curity' 
b'Stored XSS at Moneybird'
17 Aug 2017 timeline
b'HackerOne' disclosed a bug submitted by b'ericlaw' 
b'Missing Certificate Authority Authorization rule'
17 Aug 2017 timeline
b'Legal Robot' disclosed a bug submitted by b'attacker911' 
b'Password reset access control'
16 Aug 2017 timeline
b'Quora' disclosed a bug submitted by b'imran-parray' 
b'Possibility of DOS Through logging System'
16 Aug 2017 timeline
b'Grabtaxi Holdings Pte Ltd' disclosed a bug submitted by b'vagg-a-bond' 
b'[parcel.grab.com] DOM XSS at /assets/bower_components/lodash/perf/'
16 Aug 2017 timeline
b'Moneybird' disclosed a bug submitted by b'bogdantcaciuc' 
b'Moneybird customers invoices leak in cacheable urls'
16 Aug 2017 timeline
1 ... 525 526 527 528 529 ... 741
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM